Closed
Bug 743636
Opened 12 years ago
Closed 5 years ago
Hang (eventual crash) with many nested <svg> and <use> elements
Categories
(Core :: SVG, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 1531333
People
(Reporter: sachinshinde11, Unassigned)
Details
(4 keywords, Whiteboard: [external-report])
Attachments
(2 files)
firefox version 11 hangs when trying to open attached file.It also crashes after some time. tested on -- Linux shadowfax 2.6.38-13-generic #57-Ubuntu SMP Mon Mar 5 18:10:14 UTC 2012 i686 i686 i386 GNU/Linux "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:11.0) Gecko/20100101 Firefox/11.0"
Updated•12 years ago
|
Component: Security → SVG
Product: Firefox → Core
QA Contact: firefox → general
Comment 1•12 years ago
|
||
The testcase is basically ~500 nested <svg> elements (with some other elements mixed in). I suspect we're hosed regardless on that sort of content. In a debug build, we continuously spam this output: WARNING: NS_ENSURE_SUCCESS(rv, rv) failed with result 0x80004005: file ../../../mozilla/layout/base/nsCSSFrameConstructor.cpp, line 3920 From a ~10 second sysprof sample of the hang: we're spending 99% of our time in nsCSSFrameConstructor::ProcessChildren, with 96% of the time spent in nsCSSRuleProcessor::RulesMatching (a few stacklevels down from ProcessChildren)
Comment 2•12 years ago
|
||
(also: in my opt build, this testcase got us up to 50% memory usage (4 GB) within a few minutes. I killed it at that point to be sure my system wouldn't become unresponsive.)
Status: UNCONFIRMED → NEW
Ever confirmed: true
Keywords: hang
Hardware: x86 → All
Summary: SVG DOS and crashes → SVG hang (eventual crash) with many nested <svg> elements
Version: 11 Branch → Trunk
Updated•12 years ago
|
Summary: SVG hang (eventual crash) with many nested <svg> elements → Hang (eventual crash) with many nested <svg> elements
Updated•11 years ago
|
Whiteboard: [external-report]
Updated•5 years ago
|
Summary: Hang (eventual crash) with many nested <svg> elements → Hang (eventual crash) with many nested <svg> and <use> elements
Comment 4•5 years ago
|
||
Updated•5 years ago
|
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•